The following Fedora EPEL 5 Security updates need testing: Age URL 326 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-5630/bugzilla-3.2.1... 221 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6608/Django-1.1.4-2... 27 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0366/openconnect-4.... 20 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0425/nginx-0.8.55-3... 4 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0518/euca2ools-2.1.... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0609/php-Smarty-2.6... 2 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0598/firebird-2.1.5... 0 https://admin.fedoraproject.org/updates/FEDORA-EPEL-2013-0664/puppet-2.6.18-...
The following builds have been pushed to Fedora EPEL 5 updates-testing
389-dsgw-1.1.10-1.el5 bdii-5.2.17-2.el5 bitlbee-3.2-2.el5 drupal6-feeds-1.0-0.11.beta13.el5 drupal7-i18n-1.8-0.el5 drupal7-jquery_update-2.3-1.el5 drupal7-libraries-2.1-1.el5 glue-schema-2.0.10-1.el5 graphite-web-0.9.10-8.el5 libguestfs-1.20.4-2.el5 ndjbdns-1.05.7-1.el5 puppet-2.6.18-1.el5 python-bucky-0.2.4-1.el5 salt-0.13.2-1.el5
Details about builds:
================================================================================ 389-dsgw-1.1.10-1.el5 (FEDORA-EPEL-2013-0677) 389 Directory Server Gateway (dsgw) -------------------------------------------------------------------------------- Update Information:
Here is where you give an explanation of your update. -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 13 2013 Mark Reynolds mreynolds@redhat.com - 1.1.10-1 - ce71231 Bump version to 1.1.10 - Ticket 606 - DSGW - format string errors --------------------------------------------------------------------------------
================================================================================ bdii-5.2.17-2.el5 (FEDORA-EPEL-2013-0676) The Berkeley Database Information Index (BDII) -------------------------------------------------------------------------------- Update Information:
Updated versions of bdii and glue-schema from the EMI 3 release. -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 14 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 5.2.17-2 - Don't use _libdir macro for noarch package * Thu Mar 14 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 5.2.17-1 - New upstream version 5.2.17 * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 5.2.13-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ bitlbee-3.2-2.el5 (FEDORA-EPEL-2013-0674) IRC to other chat networks gateway -------------------------------------------------------------------------------- Update Information:
Add accidentially lost OTR support for RHEL 5 and 6 -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 14 2013 Robert Scheck robert@fedoraproject.org 3.2-2 - Add accidentially lost OTR support for RHEL 5 and 6 (#919912) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #919912 - Cannot apply latest bitlbee update due to dependency issues https://bugzilla.redhat.com/show_bug.cgi?id=919912 --------------------------------------------------------------------------------
================================================================================ drupal6-feeds-1.0-0.11.beta13.el5 (FEDORA-EPEL-2013-0663) An import and aggregation framework for Drupal -------------------------------------------------------------------------------- Update Information:
New upstream release, http://drupal.org/node/1869526. -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 14 2013 Peter Borsa peter.borsa@gmail.com - 1.0-0.11.beta13 - New upstream version 1.0-beta13 * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.0-0.10.beta12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Wed Jul 18 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.0-0.9.beta12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #892543 - drupal6-feeds-1.0-beta13 is available https://bugzilla.redhat.com/show_bug.cgi?id=892543 --------------------------------------------------------------------------------
================================================================================ drupal7-i18n-1.8-0.el5 (FEDORA-EPEL-2013-0675) Collection of modules to extend Drupal core multilingual capabilities -------------------------------------------------------------------------------- Update Information:
New upstream release, http://drupal.org/node/1887374. -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 10 2013 Scott Dodson sdodson@redhat.com 1.8-0 - Update to 1.8 - Make sure drupal7-variable > 2.0 * Wed Jul 18 2012 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #895024 - drupal7-i18n-1.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=895024 --------------------------------------------------------------------------------
================================================================================ drupal7-jquery_update-2.3-1.el5 (FEDORA-EPEL-2013-0651) Updates the version of jQuery to 1.5.2 and jQuery UI 1.8.11 -------------------------------------------------------------------------------- Update Information:
New upstream release, http://drupal.org/node/1912546. -------------------------------------------------------------------------------- ChangeLog:
-------------------------------------------------------------------------------- References:
[ 1 ] Bug #909894 - drupal7-jquery_update-2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=909894 --------------------------------------------------------------------------------
================================================================================ drupal7-libraries-2.1-1.el5 (FEDORA-EPEL-2013-0668) The common denominator for all Drupal components and external libraries -------------------------------------------------------------------------------- Update Information:
New upstream release, http://drupal.org/node/1938254. -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 14 2013 Peter Borsa peter.borsa@gmail.com - 2.1-1 - Update to 2.1 * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0-1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #919812 - drupal7-libraries-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=919812 --------------------------------------------------------------------------------
================================================================================ glue-schema-2.0.10-1.el5 (FEDORA-EPEL-2013-0676) LDAP schema files for the GLUE 1.3 and GLUE 2.0 Schema -------------------------------------------------------------------------------- Update Information:
Updated versions of bdii and glue-schema from the EMI 3 release. -------------------------------------------------------------------------------- ChangeLog:
* Thu Mar 14 2013 Mattias Ellert mattias.ellert@fysast.uu.se - 2.0.10-1 - Update to release 2.0.10 * Wed Feb 13 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 2.0.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ graphite-web-0.9.10-8.el5 (FEDORA-EPEL-2013-0678) A Django webapp for enterprise scalable realtime graphing -------------------------------------------------------------------------------- Update Information:
Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. --------------------------------------------------------------------------------
================================================================================ libguestfs-1.20.4-2.el5 (FEDORA-EPEL-2013-0667) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information:
New upstream stable branch version 1.20.4. New upstream stable branch version 1.20.3. -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 13 2013 Richard W.M. Jones rjones@redhat.com - 1:1.20.4-2 - Rebase to upstream stable branch version 1.20.4. * Mon Mar 11 2013 Richard W.M. Jones rjones@redhat.com - 1:1.20.3-6 - Fix various small bugs and tests. - Remove Fedora RPM database files from the tarball. * Sun Mar 10 2013 Richard W.M. Jones rjones@redhat.com - 1:1.20.3-3 - Add patch to define O_CLOEXEC in tests. - Fix double-free bug in EPEL5-specific patch. * Sat Mar 9 2013 Richard W.M. Jones rjones@redhat.com - 1:1.20.3-1 - Rebase to upstream stable branch version 1.20.3. --------------------------------------------------------------------------------
================================================================================ ndjbdns-1.05.7-1.el5 (FEDORA-EPEL-2013-0650) New djbdns: usable djbdns -------------------------------------------------------------------------------- Update Information:
Release 1.05.7 fixes a bug about reading servers/mydomain.com files correctly; adds couple of new features which allow servers to listen on multiple IP addresses and to respond from a correct IP when listening on 0.0.0.0. -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 24 2013 pjp pj.pandit@yahoo.co.in - 1.05.7-1 - Build & install walldns server. - Removed install commands for systemd unit files. - Merge patch to bind servers to multiple IP addresses. - Patch to respond to original destination address BZ#917580. - Update to correctly read servers/mydomain.dom files BZ#913651. * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 1.05.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #913667 - Merge patch to support listening on multiple IP interfaces on multi-home systems. https://bugzilla.redhat.com/show_bug.cgi?id=913667 [ 2 ] Bug #917580 - Server accept connections on one ip but always sends replies back on the first ip in the same segment https://bugzilla.redhat.com/show_bug.cgi?id=917580 [ 3 ] Bug #913651 - dnscache resolver ignores ..servers/mydomain.com files. https://bugzilla.redhat.com/show_bug.cgi?id=913651 --------------------------------------------------------------------------------
================================================================================ puppet-2.6.18-1.el5 (FEDORA-EPEL-2013-0664) A network tool for managing many disparate systems -------------------------------------------------------------------------------- Update Information:
Updates to EPEL for Puppet 2.6 for security issues disclosed 13-MAR-2013 from Puppet Labs. -------------------------------------------------------------------------------- ChangeLog:
* Mon Mar 11 2013 Michael Stahnke stahnma@puppetlabs.com - 2.6.18-1 - Fixes for CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 - and CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #919770 - CVE-2013-1654 Puppet: SSL protocol downgrade https://bugzilla.redhat.com/show_bug.cgi?id=919770 [ 2 ] Bug #919774 - CVE-2013-1653 Puppet: kick connection HTTP PUT request arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=919774 [ 3 ] Bug #919775 - CVE-2013-1655 Puppet: Master code loading Ruby symbols vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=919775 [ 4 ] Bug #919783 - CVE-2013-1640 Puppet: catalog request code execution https://bugzilla.redhat.com/show_bug.cgi?id=919783 [ 5 ] Bug #919784 - CVE-2013-1652 Puppet: HTTP GET request catalog retrieval https://bugzilla.redhat.com/show_bug.cgi?id=919784 [ 6 ] Bug #919785 - CVE-2013-2275 Puppet: default auth.conf allows authenticated node to submit a report for any other node https://bugzilla.redhat.com/show_bug.cgi?id=919785 --------------------------------------------------------------------------------
================================================================================ python-bucky-0.2.4-1.el5 (FEDORA-EPEL-2013-0658) CollectD and StatsD adapter for Graphite -------------------------------------------------------------------------------- Update Information:
Update to 0.2.4 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 13 2013 Jonathan Steffan jsteffan@fedoraproject.org - 0.2.4-1 - Update to 0.2.4 * Thu Feb 14 2013 Fedora Release Engineering rel-eng@lists.fedoraproject.org - 0.2.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ salt-0.13.2-1.el5 (FEDORA-EPEL-2013-0672) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Update to upstream patch release 0.13.2 -------------------------------------------------------------------------------- ChangeLog:
* Wed Mar 13 2013 Clint Savage herlo1@gmail.com - 0.13.2-1 - Update to upstream patch release 0.13.2 --------------------------------------------------------------------------------
epel-devel@lists.fedoraproject.org
-
updates@fedoraproject.org